Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mercuryboard vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6632
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']).
Mercuryboard Mercuryboard 1.1.2
Mercuryboard Mercuryboard 1.1.1
Mercuryboard Mercuryboard 1.1
Mercuryboard Mercuryboard 1.0
Mercuryboard Mercuryboard
1 EDB exploit
4.3
CVSSv2
CVE-2005-0462
Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote malicious users to inject arbitrary HTML and web script via the f parameter.
Mercuryboard Mercuryboard 1.0
Mercuryboard Mercuryboard 1.1
Mercuryboard Mercuryboard 1.1.1
5
CVSSv2
CVE-2005-0460
index.php in MercuryBoard 1.0.x and 1.1.x allows remote malicious users to obtain sensitive information by setting the debug parameter.
Mercuryboard Mercuryboard 1.0
Mercuryboard Mercuryboard 1.1.1
Mercuryboard Mercuryboard 1.1
4.3
CVSSv2
CVE-2005-0878
Cross-site scripting (XSS) vulnerability in MercuryBoard prior to 1.1.3 allows remote malicious users to inject arbitrary web script or HTML via the title field of a PM (private message).
Mercuryboard Mercuryboard Message Board 1.0.1
Mercuryboard Mercuryboard Message Board 1.0.2
Mercuryboard Mercuryboard Message Board 1.1
Mercuryboard Mercuryboard Message Board 1.0
Mercuryboard Mercuryboard Message Board 1.1.1
Mercuryboard Mercuryboard Message Board 1.1.2
5
CVSSv2
CVE-2005-0306
MercuryBoard 1.1.1 allows remote malicious users to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message.
Mercuryboard Mercuryboard 1.1
Mercuryboard Mercuryboard 1.1.1
4.3
CVSSv2
CVE-2005-0307
Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters.
Mercuryboard Mercuryboard 1.1
Mercuryboard Mercuryboard 1.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-0663
SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote malicious users to inject arbitrary SQL commands via the f parameter.
Mercuryboard Mercuryboard 1.1.2
7.5
CVSSv2
CVE-2005-0414
SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote malicious users to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter.
Mercuryboard Mercuryboard 1.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-0662
Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the Avatar field.
Mercuryboard Mercuryboard 1.1.2
4.3
CVSSv2
CVE-2008-0757
Cross-site scripting (XSS) vulnerability in index.php in MercuryBoard 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via the message parameter (aka the message text area), which leads to an injection in the messenger during private message (PM) preview...
Mercuryboard Mercuryboard Message Board
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »